package bisq.common.crypto;

import bisq.common.util.Utilities;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:bisq/common/crypto/Encryption.class */
public class Encryption {
    private static final Logger log = LoggerFactory.getLogger(Encryption.class);
    public static final String ASYM_KEY_ALGO = "RSA";
    private static final String ASYM_CIPHER = "RSA/None/OAEPWithSHA256AndMGF1Padding";
    private static final String SYM_KEY_ALGO = "AES";
    private static final String SYM_CIPHER = "AES";
    private static final String HMAC = "HmacSHA256";

    public static KeyPair generateKeyPair() {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ASYM_KEY_ALGO, "BC");
            keyPairGenerator.initialize(2048);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            log.trace("Generate msgEncryptionKeyPair needed {} ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            return genKeyPair;
        } catch (Throwable th) {
            log.error(th.toString());
            th.printStackTrace();
            throw new RuntimeException("Could not create key.");
        }
    }

    public static byte[] encrypt(byte[] bArr, SecretKey secretKey) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance("AES", "BC");
            cipher.init(1, secretKey);
            return cipher.doFinal(bArr);
        } catch (Throwable th) {
            th.printStackTrace();
            throw new CryptoException(th);
        }
    }

    public static byte[] decrypt(byte[] bArr, SecretKey secretKey) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance("AES", "BC");
            cipher.init(2, secretKey);
            return cipher.doFinal(bArr);
        } catch (Throwable th) {
            throw new CryptoException(th);
        }
    }

    public static SecretKey getSecretKeyFromBytes(byte[] bArr) {
        return new SecretKeySpec(bArr, 0, bArr.length, "AES");
    }

    public static byte[] getSecretKeyBytes(SecretKey secretKey) {
        return secretKey.getEncoded();
    }

    private static byte[] getPayloadWithHmac(byte[] bArr, SecretKey secretKey) {
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                try {
                    byte[] hmac = getHmac(bArr, secretKey);
                    ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                    byteArrayOutputStream2.write(bArr);
                    byteArrayOutputStream2.write(hmac);
                    byteArrayOutputStream2.flush();
                    byte[] bArr2 = (byte[]) byteArrayOutputStream2.toByteArray().clone();
                    if (byteArrayOutputStream2 != null) {
                        try {
                            byteArrayOutputStream2.close();
                        } catch (IOException e) {
                        }
                    }
                    return bArr2;
                } catch (Throwable th) {
                    log.error(th.toString());
                    th.printStackTrace();
                    throw new RuntimeException("Could not create hmac");
                }
            } catch (IOException | NoSuchProviderException e2) {
                log.error(e2.toString());
                e2.printStackTrace();
                throw new RuntimeException("Could not create hmac");
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e3) {
                }
            }
            throw th2;
        }
    }

    private static boolean verifyHmac(byte[] bArr, byte[] bArr2, SecretKey secretKey) {
        try {
            return Arrays.equals(getHmac(bArr, secretKey), bArr2);
        } catch (Throwable th) {
            log.error(th.toString());
            th.printStackTrace();
            throw new RuntimeException("Could not create cipher");
        }
    }

    private static byte[] getHmac(byte[] bArr, SecretKey secretKey) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException {
        Mac mac = Mac.getInstance(HMAC, "BC");
        mac.init(secretKey);
        return mac.doFinal(bArr);
    }

    public static byte[] encryptPayloadWithHmac(byte[] bArr, SecretKey secretKey) throws CryptoException {
        return encrypt(getPayloadWithHmac(bArr, secretKey), secretKey);
    }

    public static byte[] decryptPayloadWithHmac(byte[] bArr, SecretKey secretKey) throws CryptoException {
        String hexString = Hex.toHexString(decrypt(bArr, secretKey));
        int length = hexString.length();
        int i = length - 64;
        String substring = hexString.substring(0, i);
        if (verifyHmac(Hex.decode(substring), Hex.decode(hexString.substring(i, length)), secretKey)) {
            return Hex.decode(substring);
        }
        throw new CryptoException("Hmac does not match.");
    }

    public static byte[] encryptSecretKey(SecretKey secretKey, PublicKey publicKey) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance(ASYM_CIPHER, "BC");
            cipher.init(3, publicKey);
            return cipher.wrap(secretKey);
        } catch (Throwable th) {
            th.printStackTrace();
            throw new CryptoException("Couldn't encrypt payload");
        }
    }

    public static SecretKey decryptSecretKey(byte[] bArr, PrivateKey privateKey) throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance(ASYM_CIPHER, "BC");
            cipher.init(4, privateKey);
            return (SecretKey) cipher.unwrap(bArr, "AES", 3);
        } catch (Throwable th) {
            throw new CryptoException(th);
        }
    }

    public static SecretKey generateSecretKey(int i) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "BC");
            keyGenerator.init(i);
            return keyGenerator.generateKey();
        } catch (Throwable th) {
            th.printStackTrace();
            log.error(th.getMessage());
            throw new RuntimeException("Couldn't generate key");
        }
    }

    public static byte[] getPublicKeyBytes(PublicKey publicKey) {
        return new X509EncodedKeySpec(publicKey.getEncoded()).getEncoded();
    }

    public static PublicKey getPublicKeyFromBytes(byte[] bArr) {
        try {
            return KeyFactory.getInstance(ASYM_KEY_ALGO, "BC").generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            log.error("Error creating sigPublicKey from bytes. sigPublicKeyBytes as hex={}, error={}", Utilities.bytesAsHexString(bArr), e);
            e.printStackTrace();
            throw new KeyConversionException(e);
        }
    }
}
